The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill enables interaction with external, untrusted web content which could contain malicious instructions for the agent. Ingestion points: Content retrieved through mcp__claude_in_chrome__* tools during browsing and screenshotting. Boundary markers: Absent; the instructions provide no delimiters to separate system instructions from webpage content. Capability inventory: Navigation, element interaction (clicking), and screenshot capture. Sanitization: None; the skill does not include logic to filter or escape webpage data.
[SAFE] (SAFE): The skill explicitly uses the user's browser profile as intended for its automation purpose, and no evidence of obfuscation or persistence mechanisms was found.

claude-bowser